FEATURES EDITION | 'Shift Left' Gets Pushback, Triggers Security Soul Searching

A government report's criticism of the 100x metric often used to justify fixing software earlier in development fuels a growing debate over pushing responsibility for secure code onto developers. [TechWeb]( Follow Dark Reading: [RSS]( October 26, 2024 LATEST SECURITY FEATURES & COMMENTARY ['Shift Left' Gets Pushback, Triggers Security Soul Searching]( A government report's criticism of the 100x metric often used to justify fixing software earlier in development fuels a growing debate over pushing responsibility for secure code onto developers. [Breaking Barriers: Making Cybersecurity Accessible for Neurodiverse Professionals]( Cybersecurity is not "one size fits all." Employers, recruiters, and managers need to embrace neurodiversity through inclusive hiring practices, tailored training programs, and adaptive management styles. [Time to Get Strict With DMARC]( Adoption of the email authentication and policy specification remains low, and only about a tenth of DMARC-enabled domains enforce policies. Everyone is waiting for major email providers to get strict. [EU Adopts Cyber Resilience Act to Regulate Internet of Things]( The European Union adopted a new law setting EU-wide cybersecurity requirements for connected devices to ensure their safety. [Open Source LLM Tool Sniffs Out Python Zero-Days]( Vulnhuntr is a Python static code analyzer that uses Claude AI to find and explain complex, multistep vulnerabilities. [Codasip Donates Tools to Develop Memory-Safe Chips]( The software development kit will simplify building and testing of CHERI-enabled RISC-V applications. [MORE FROM THE EDGE]( / [MORE FROM DR TECHNOLOGY]( HOT TOPICS [Microsoft SharePoint Vuln Is Under Active Exploit]( The risk of exploitation is heightened, thanks to a proof-of-concept that's been made publicly available. [Cisco Disables DevHub Access After Security Breach]( The networking company confirms that cyberattackers illegally accessed data belonging to some of its customers. [CISOs: Throwing Cash at Tools Isn't Helping Detect Breaches]( A survey shows three-quarters of CISOs are drowning in threat detections put out by a sprawling stack of tools, yet still lack the basic visibility necessary to identify breaches. [MORE]( PRODUCTS & RELEASES [Honeywell and Google Cloud to Accelerate Auto Operations With AI Agents for the Industrial Sector]( [Grip Security Releases 2025 SaaS Security Risks Report]( [American Water Under Investigation for Cyberattack Potentially Affecting 14M Customers]( [SoftwareOne Launches Cloud Competency Centre in Malaysia]( [Retail & Hospitality ISAC Launches Program Aimed at Securing Supply Chains]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [CISOs' Privacy Responsibilities Keep Growing]( A heated regulatory landscape, uncertainty over AI use, and how it all ties back to cybersecurity means CISOs have to add privacy to their portfolios. [FHE Consortium Pushes for Quantum-Resilient Cryptography Standards]( The FHE Technical Consortium for Hardware (FHETCH) brings together developers, hardware manufacturers, and cloud providers to collaborate on technical standards necessary to develop commercial fully homomorphic encryption solutions and lower adoption barriers. [What Today's SOC Teams Can Learn From Baseball]( There are more similarities between developing a professional athlete and developing a cybersecurity pro than you might expect. WEBINARS - [Unleashing AI to Assess Cyber Security Risk]( - [Simplify Data Security with Automation]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [2024 Cloud Security Report]( - [IDC White Paper: The Peril and Promise of Generative AI in Application Security]( - [Gartner Report: Cyber Asset Attack Surface Management]( - [RevealX Catches Ransomware Within Days of Deployment at WCH]( - [A CISO's Guide to Geopolitics and CyberSecurity]( - [Purple AI Datasheet]( - [How to Use Threat Intelligence to Mitigate Third-Party Risk]( [View More White Papers >>]( FEATURED REPORTS - [Managing Third-Party Risk Through Situational Awareness]( - [2024 InformationWeek US IT Salary Report]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=126478&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_10.26.24&sp_cid=55582&utm_content=DR_NL_Dark%20Reading%20Daily_10.26.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#84 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)